Количество 11
Количество 11
CVE-2024-47776
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
CVE-2024-47776
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
CVE-2024-47776
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.
CVE-2024-47776
GStreamer is a library for constructing graphs of media-handling compo ...
BDU:2025-01021
Уязвимость функции gst_wavparse_cue_chunk мультимедийного фреймворка Gstreamer, позволяющая нарушителю получить доступ к конфиденциальной информации
ELSA-2025-7242
ELSA-2025-7242: gstreamer1-plugins-good security update (MODERATE)
SUSE-SU-2025:0063-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0067-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0064-1
Security update for gstreamer-plugins-good
SUSE-SU-2025:0055-1
Security update for gstreamer-plugins-good
ROS-20250121-12
Множественные уязвимости gstreamer1-plugins-good
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-47776 GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10. | CVSS3: 9.1 | 0% Низкий | 6 месяцев назад |
 | CVE-2024-47776 GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10. | CVSS3: 5.1 | 0% Низкий | 6 месяцев назад |
 | CVE-2024-47776 GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch causes the comparison if (size < 4 + ncues * 24) to fail in some cases, allowing the subsequent loop to access beyond the bounds of the data buffer. The root cause of this discrepancy stems from a miscalculation when clipping the chunk size based on upstream data size. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10. | CVSS3: 9.1 | 0% Низкий | 6 месяцев назад |
| CVE-2024-47776 GStreamer is a library for constructing graphs of media-handling compo ... | CVSS3: 9.1 | 0% Низкий | 6 месяцев назад |
 | BDU:2025-01021 Уязвимость функции gst_wavparse_cue_chunk мультимедийного фреймворка Gstreamer, позволяющая нарушителю получить доступ к конфиденциальной информации | CVSS3: 9.1 | 0% Низкий | 6 месяцев назад |
| ELSA-2025-7242 ELSA-2025-7242: gstreamer1-plugins-good security update (MODERATE) | около 1 месяца назад | ||
 | SUSE-SU-2025:0063-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0067-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0064-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
| SUSE-SU-2025:0055-1 Security update for gstreamer-plugins-good | 5 месяцев назад | ||
 | ROS-20250121-12 Множественные уязвимости gstreamer1-plugins-good | CVSS3: 9.8 | 5 месяцев назад |
Уязвимостей на страницу